The Ipremier Company: Denial of Serivice Attack. Case Analysis

1528 Words Nov 16th, 2010 7 Pages
The iPremier Compant (A): Denial of Service Attack
Summary of the case: iPremier, a Seattle based company, was founded in 1996 by two students from Swathmore College. iPremier had become one of a few success web-based commerce, selling luxury, rare, and vintage goods over the Internet. Most of iPremier’s goods sell between fifty and a few hundred dollars, and the customer buys the products online with his or her credit card. iPremier’s competitive advantage is their flexible return policies which allows the customer to thoroughly check out the product and make a decision to keep the product or return it. The majority of iPremier customers are high end, and credit limits are not a problem. iPremier had contracted with Qdata, an
…show more content…
1. How well did this company perform during the attack?

The company did not perform as well as they should have been able to. There were multiple areas where problems arose, such as the technical architecture of the IT system, relying only on the 3rd party, Qdata, to monitor their IT infrastructure, keeping out of date manuals, and not maintaining their emergency procedures.

However, some people trying to fix the attack did an adequate job considering the problems the company had. Joanne and Leon Ledbetter did everything in their power to restore the website and protect the customer data, which even included running red lights. Leon was so new that he didn’t know exactly what to do. Training for an emergency would have proven useful. The CIO, Bob Turley, knew of the emergency protocol and out of date manuals, but never did anything to alleviate these problems. This put the company in a significant disadvantage, and created a bigger problem than what was necessary. Faced with this problem, Turley was able to facilitate direction for the company as best as he could, which ended with the security breach stopping.

Even after the attack, when the company did not know whether the customer information, which included credit card information, the company had no intention to announce the security breach to the public. This can be detrimental to the company if customers became

More about The Ipremier Company: Denial of Serivice Attack. Case Analysis

Open Document